Exclusion of FalsePositive GH's usernames in PrivateKeyDetector (#4046)

* ignore false positive github username

* moved false positive statements to detector for code simplicity.

* removed the username false positive filtration logic from ssh_integration.go

Author: abmussani

pkg/detectors/privatekey/privatekey.go

@@ -18,6 +18,15 @@ import (
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 )
 
+var (
+	falsePositiveGHUsernames = map[detectors.FalsePositive]struct{}{
+		// This hack is because it's probably one of the most widely distributed github keys
+		// and a frequent annoyance.
+		// It is active at the time of this commit, but the developer is unresponsive.
+		detectors.FalsePositive("aaron1234567890123"): {},
+	}
+)
+
 type Scanner struct {
 	IncludeExpired bool
 }
@@ -109,12 +118,15 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			wg.Add(1)
 			go func() {
 				defer wg.Done()
-				user, err := VerifyGitHubUser(ctx, parsedKey)
+				username, err := VerifyGitHubUser(ctx, parsedKey)
 				if err != nil && !errors.Is(err, errPermissionDenied) {
 					verificationErrors.Add(err)
 				}
-				if user != nil {
-					extraData.Add("github_user", *user)
+				if username != nil {
+					isFalsePositive, _ := detectors.IsKnownFalsePositive(*username, falsePositiveGHUsernames, false)
+					if !isFalsePositive {
+						extraData.Add("github_user", *username)
+					}
 				}
 			}()
 

pkg/detectors/privatekey/ssh_integration.go

@@ -115,12 +115,6 @@ func VerifyGitHubUser(ctx context.Context, parsedKey any) (*string, error) {
 
 	if strings.Contains(output, "successfully authenticated") {
 		username := strings.TrimSuffix(strings.Split(output, " ")[1], "!")
-		// This hack is because it's probably one of the most widely distributed github keys
-		// and a frequent annoyance.
-		// It is active at the time of this commit, but the developer is unresponsive.
-		if username == "aaron1234567890123" {
-			return nil, nil
-		}
 		return &username, nil
 	}